Job Description

Senior Security Engineer

at Zscaler (View all jobs)

San Jose, California, United States

About Zscaler

Zscaler (NASDAQ: ZS) accelerates digital transformation so that customers can be more agile, efficient, resilient, and secure. The Zscaler Zero Trust Exchange is the company’s cloud-native platform that protects thousands of customers from cyberattacks and data loss by securely connecting users, devices, and applications in any location.

With more than 10 years of experience developing, operating, and scaling the cloud, Zscaler serves thousands of enterprise customers around the world, including 450 of the Forbes Global 2000 organizations. In addition to protecting customers from damaging threats, such as ransomware and data exfiltration, it helps them slash costs, reduce complexity, and improve the user experience by eliminating stacks of latency-creating gateway appliances.

Zscaler was founded in 2007 with a mission to make the cloud a safe place to do business and a more enjoyable experience for enterprise users. Zscaler’s purpose-built security platform puts a company’s defenses and controls where the connections occur—the internet—so that every connection is fast and secure, no matter how or where users connect or where their applications and workloads reside.

Position: Senior Infrastructure Engineer

Location: Remote within United States

We are seeking a talented and experienced Senior Security Engineer to join our team and play a crucial role in ensuring the security and integrity of our organization’s networks, systems, and data. As a Senior Security Engineer, you will work closely with cross-functional teams to design, implement, and maintain robust security solutions based on Zscaler technologies.

Responsibilities – What You’ll Do:

  • Design, implement, and manage Zscaler-based security solutions, including secure web gateways, cloud firewalls, data loss prevention (DLP), and threat intelligence.
  • Collaborate with stakeholders to define security requirements, assess risks, and develop effective strategies to protect the organization’s networks, systems, and data.
  • Conduct security assessments and penetration tests to identify vulnerabilities, recommend remediation actions, and ensure compliance with industry standards and regulations.
  • Monitor and analyze security logs, alerts, and incidents to detect and respond to security threats and breaches in a timely manner.
  • Develop and enforce security policies, standards, and procedures aligned with industry best practices and Zscaler’s Zero Trust framework.
  • Provide technical guidance and support to junior security engineers and other IT teams, assisting them in implementing and maintaining security controls.
  • Stay up-to-date with the latest security trends, vulnerabilities, and threat intelligence to continuously enhance the organization’s security posture.
  • Collaborate with vendors, service providers, and internal teams to evaluate and implement new security technologies and solutions.
  • Participate in incident response activities, including investigation, containment, and recovery from security incidents.
  • Conduct security awareness training and education programs for employees to promote a culture of security awareness and best practices.

Qualifications/Your background:

  • Bachelor’s degree in Computer Science, Information Security, or a related field (or equivalent experience).
  • Proven experience as a Security Engineer, preferably with a focus on Zscaler technologies.
  • In-depth knowledge of Zscaler products and services, including ZIA (Zscaler Internet Access) and ZPA (Zscaler Private Access).
  • Strong understanding of network security protocols, firewall technologies, intrusion detection/prevention systems (IDS/IPS), and secure web gateways.
  • Experience in designing and implementing Zero Trust architectures and methodologies.
  • Familiarity with cloud security concepts and technologies, including CASB (Cloud Access Security Broker).
  • Knowledge of industry standards and regulations such as ISO 27001, NIST, and GDPR.
  • Strong analytical and problem-solving skills, with the ability to assess risks, analyze security logs, and respond to security incidents.
  • Excellent communication skills, with the ability to effectively convey complex security concepts to technical and non-technical stakeholders.
  • Relevant certifications such as CISSP, CCSP, CEH, or Zscaler certifications are highly desirable.